Exchange 2016 CU10 has been released to the Microsoft download centre! Exchange 2016 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2016 and can be used to install a fresh server or to update a previously installed one. Exchange 2013 has the same servicing methodology.
This is build 15.01.1531.003 of Exchange 2016 and the update is helpfully named ExchangeServer2016-x64-CU10.iso which allows us to easily identify the update. Details for the release are contained in KB KB4099852.
Exchange 2007 is no longer supported, updates are not provided once a product has exited out of extended support.
Updates Of Particular Note
.NET framework 4.7.1 is now required. This was previously discussed in the December 2017 release of Exchange updates.
Exchange 2016 CU10 and onwards will require the VC++ 2013 runtime library installed on the server.
The below updates will be of use to many customers running in an Exchange hybrid deployment.
4058473 An Office 365 primary mailbox user cannot be assigned full access permissions for an on-premises mailbox in Exchange Server
4133605 Cmdlets to create or modify a remote shared mailbox in an on-premises Exchange environment
Starting in Cumulative Update 21 for Exchange Server 2013 and Cumulative Update 10 for Exchange Server 2016 in an on-premises Exchange Server environment, you can directly create or modify a remote shared mailbox by using the new parameter -shared with the following cmdlets:
- Enable-RemoteMailbox: [-Identity user] [-Shared] [-RemoteRoutingAddress user@domain]
- New-RemoteMailbox: [-Shared] [-Name RemoteMailboxName]
- Set-RemoteMailbox: [-Name user] [-Type Shared]
Note – if after installing the CU you do not see the new –Shared parameter then the step to manually run /PrepareAD was not done. Read the rest of this post for details on that issue.
CU9 also includes the latest DST updates.
Issues Resolved
4056609 Event ID 4999 and mailbox transport delivery service won't start with Exchange Server 2016 CU7 installed
4133605 Cmdlets to create or modify a remote shared mailbox in an on-premises Exchange environment
4133620 "HTTP 500 due to ADReferralException" error when a user tries to view detail properties of mailboxes in a child domain in Exchange Server
4095974 "System.InvalidOperationException" occurs when the "Enable-MailPublicFolder" cmdlet is run against a public folder in Exchange Server
4095973 Set-ServerComponentState cmdlet does not honor the write scope defined in the RBAC management scope in Exchange Server
4095993 HTTP 500 error when an administrator tries to manage regional settings in ECP on Windows Server 2016
4294209 Cannot clear the “Maximum message size” check box for Send messages or Receive messages in EAC in Exchange Server 2016
4294208 "TooManyObjectsOpenedException" error when you run the "Get-PublicFolderMailboxDiagnostics" cmdlet in Exchange Server
4294212 Cannot send VBScript-created messages in the Outlook 2016 client
4294211 Cannot run “Set-CalendarProcessing” cmdlets after you apply CU8 or CU9 for Exchange Server 2016
4294210 Cannot edit an email attachment in OWA in an Exchange Server 2016 environment
4294204 Changing "IsOutOfService" to "False" in an earlier Exchange Server version does not immediately update in a later Exchange Server environment
4092041 Description of the security update for Microsoft Exchange Server 2013 and 2016: May 8, 2018
Some Items For Consideration
Exchange 2016 follows the same servicing paradigm for Exchange 2013 which was previously discussed on the blog. The CU package can be used to perform a new installation, or to upgrade an existing Exchange Server 2016 installation to this CU. Cumulative Updates are well, cumulative. What else can I say…
For customers with a hybrid Exchange deployment, must keep their on-premises Exchange servers updated to the latest update or the one immediately prior ( N or N-1).
- Test the CU in a lab which is representative of your environment
- Review this post to also factor in AD preparation which is to be done ahead of installing the CU onto the first Exchange server
- Follow your organisation’s change management process, and factor the approval time into your change request
- Provide appropriate notifications as per your process. This may be to IT teams, or to end users.
- After you install this cumulative update package, you cannot uninstall the cumulative update package to revert to an earlier version of Exchange. If you uninstall this cumulative update package, Exchange is removed from the server.
- Place the server into SCOM maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
- lace the server into Exchange maintenance mode prior to installing, confirm the install then take the server out of maintenance mode
- I personally like to restart prior to installing CUs. This helps identifies if an issue was due to the CU or happened in this prior restart, and also completes any pending file rename operations. 3rd party AV products are often guilty of this
- Restart the server after installing the CU
- Ensure that all the relevant services are running
- Ensure that event logs are clean, with no errors
- Ensure that you consult with all 3rd party vendors which exist as part of your messaging environment. This includes archive, backup, mobility and management services.
- Ensure that you do not forget to install this update on management servers, jump servers/workstations and application servers where the management tools were installed for an application. FIM and 3rd party user provisioning solutions are examples of the latter.
- Ensure that the Windows PowerShell Script Execution Policy is set to “Unrestricted” on the server being upgraded or installed. See KB981474.
- Disable file system antivirus prior to installing. Do this through the appropriate console. Typically this will be a central admin console, not the local machine.
- Verify file system antivirus is actually disabled
- Once server has been restarted, re-enable file system antivirus.
- Note that customised configuration files are overwritten on installation. Make sure you have any changes fully documented!
- CU9 does NOT contain new AD Schema updates for your organisation.
While CU10 does not add any new AD Schema changes. If you are on an out-dated CU currently, then deploying CU10 may contain AD Schema updates for your organisation – please test and plan accordingly! Whether or not your AD Schema needs to be updated depends upon your initial Exchange 2016 version. This will dictate if the AD Schema needs to be modified.
Please enjoy the update responsibly!
What do I mean by that? Well, you need to ensure that you are fully informed about the caveats with the CU and are aware of all of the changes that it will make within your environment. Additionally you will need to test the CU your lab which is representative of your production environment.
Cheers,
Rhoderick